2009 Perspective - hot stories and list of lists.
- U.S. seeks 'top guns' for cybersecurity - ComputerWorld, Jul 27, 2009
- Rogue Antivirus Operations Thrive in 2009 -eWeek, Dec 22, 2009
- Obama names a cyber security chief - Boston Globe, Dec 22, 2009
- Verizon Business Issues 2009 Data Breach Supplimental Report Profiling 15 Most Common Attacks (32p) Anatomy of a Data Breach' Sheds New Light on How and Why Attacks Occur
- Results from 600 incidents over five years make a strong case against the long-abiding and deeply held belief that insiders are behind most breaches.
- Top 15 threat action types (flckr link) from 2009 DBIR (page 6 of 32):
- Where should mitigation efforts be focused?
a. Ensure essential controls are met.
b. Find, track, and assess data.
c. Collect and monitor event logs.
d. Audit user accounts and credentials.
e. Test and review web applications.
- Top Security Stories of 2009 - eWeek, Dec 28, 2009
1. Conficker Countdown, see "The Internet is Infected" - 60 Minutes - April 2009
2. Cyber Security Coordinator (Czar)
3. Gonzalez and His Gang Taken Down (huge takedown!)
4. Social Networking and You (organizations, regulators wressle with privacy, security issues)
5. Apple iPhone Security Woes (Dutch teanager discovery leads to worm attacking jailbroken phones)
6. Hacktivists Stay Busy (twitter redirection to Iranina cyber army, DDos attacks, etc)
7. Electric Grid Lights Out (hacker spies causing power outages, infiltrating national defenses) see "Sabotaging The System" - 60 Minutes - Nov 2009
8. F-35 Fighter Plans Hijacked by Hackers
- The Future of Threats and Threat Technologies: How the Landscape is Changing (24 p) TrendMicro, Dec 2009- Several threat area predictions that that came true in 2009:
- Social networking sites will grow as targets;
- Social engineering will become increasingly prevalent and clever - Unlike the global economy, the underground economy will continue to flourish.
More: Perspective One Year Ago
- The Future of Threats and Threat Technologies: How the Landscape is Changing (24 p) TrendMicro, Dec 2009
- No global outbreaks, but localized and targeted attacks.
- It’s all about money, so cybercrime will not go away.
- Windows 7 will have an impact since it is less secure than Vista in the default configuration.
- Risk mitigation is not as viable an option anymore—even with alternative browsers/OSs
- Malware is changing its shape—every few hours.
- Drive-by infections are the norm—one Web visit is enoughto get infected.
- New attack vectors will arise for virtualized/cloud environments.
- Bots cannot be stopped anymore, and will be around forever.
- Company/Social networks will continue to be shaken by data breaches.
- Risky Business #137 -- Year in review special! - Patrick Gray, Dec 2009 (news and opinion)
More: Predictions One Year Ago
No comments:
Post a Comment